| 2025-04-01 | CVE-2025-2237 | The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication bypass in all versions up to, and including, 1.6.26. network low complexity CWE-269 critical | 9.8 |
| 2025-03-14 | CVE-2025-2232 | Improper Privilege Management vulnerability in Purethemes Realteo 1.2.4
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is vulnerable to authentication bypass in all versions up to, and including, 1.2.8. | 9.8 |
| 2025-03-14 | CVE-2024-13376 | The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the _ajax_get_total_content_import_items() function in all versions up to, and including, 1.7.8. | 8.8 |
| 2025-03-11 | CVE-2025-21199 | Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally. | 6.7 |
| 2025-03-08 | CVE-2025-0177 | Improper Privilege Management vulnerability in Javothemes Javo Core
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. | 9.8 |
| 2025-03-08 | CVE-2024-13835 | Improper Privilege Management vulnerability in Wpexpertplugins Post Meta Data Manager
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3. | 7.2 |
| 2025-03-05 | CVE-2024-11951 | The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.0. network low complexity CWE-269 critical | 9.8 |
| 2025-03-05 | CVE-2024-12281 | The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.2. network low complexity CWE-269 critical | 9.8 |
| 2025-02-27 | CVE-2024-2297 | Improper Privilege Management vulnerability in Bricksbuilder Bricks
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. | 8.8 |
| 2025-02-27 | CVE-2025-1295 | The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7. | 8.8 |